Aug 2023 – Oct 2023 · 2 mos · Remote

Oct 2022 – Sep 2024 · 1 yr 11 mos · Remote · Remote

• At Tutelr Infosec, I played a pivotal role in ensuring privacy compliance for cloud computing, email security, and application security projects. I conducted in-depth Privacy Impact Assessments (PIA) and Transfer Impact Assessments (TIA), advocating for data minimization and ensuring secure and GDPR-compliant data transfers. My proactive approach in maintaining up-to-date regulatory knowledge and driving risk mitigation strategies resulted in enhanced compliance across the organization.
• Key achievements include:
• ● Led successful Privacy Impact Assessments for key projects, mitigating privacy risks and ensuring full GDPR compliance.
• ● Spearheaded the implementation of robust consent management systems using OneTrust tools, allowing customers to manage their preferences and ensuring GDPR-compliant documentation.
• ● Championed data minimization practices, optimizing data retention policies to align with GDPR’s strict requirements, reducing data exposure and risk.
• ● Delivered privacy and risk management training, equipping teams with the knowledge needed to handle sensitive data securely and in compliance with evolving regulations.

Oct 2022 – Sep 2024 · 1 yr 11 mos

• Led high-impact Privacy Impact Assessments (PIAs) across cloud, application, and email security environments, integrating privacy-by-design into technical architecture. Directed cross-border Transfer Impact Assessments (TIAs) under GDPR, implementing localization strategies and jurisdictional safeguards for lawful data transfers. Maintained proactive compliance readiness across GDPR, CCPA, DPDP Act, and PIPEDA through structured audits, regulatory watch, and internal controls. Reinforced technical privacy controls, ensuring encryption, access restriction, and audit logging per GDPR Article 32, in collaboration with cybersecurity teams. Orchestrated enterprise-grade consent and preference management systems via OneTrust, enabling transparent, traceable, and user-centric consent workflow. Drafted comprehensive internal policies, harmonizing privacy risk management with global regulatory expectations and corporate governance principles. Spearheaded capability-building programs, delivering privacy awareness and training initiatives tailored to functional risk exposure and data management roles.

Oct 2022 – Oct 2023 · 1 yr · India · Remote

• standardizing association

Oct 2020 – Sep 2022 · 1 yr 11 mos · Remote

• In my freelance role, I worked closely with legal teams to ensure GDPR compliance across multiple projects, focusing on data privacy regulations and internal audit strategies. I developed and enforced consent management processes, risk mitigation strategies, and data retention policies to align with international data protection standards. My work contributed to strengthening privacy frameworks and policies for various clients in compliance with global data protection laws.
• Key achievements include:
• ● Played a critical role in maintaining GDPR compliance by conducting internal audits and assessments, identifying and addressing compliance gaps.
• ● Collaborated with legal teams to implement GDPR-compliant consent processes and ensure transparent data collection practices.
• ● Developed and enforced comprehensive data retention policies, ensuring compliance with GDPR’s data minimization principle.
• ● Designed and implemented privacy policies, reinforcing customer trust and safeguarding sensitive information across all phases of project implementation.
• ➤ Specialties: Data Privacy and Protection, Regulatory Compliance, Risk Management, Privacy Impact Assessment (PIA), Transfer Impact Assessment (TIA), Data Minimization, Consent Management, Data Security and Encryption, Governance and Policy Development, Incident Response and Breach Management, Cross-Functional Collaboration, Vendor and Third-Party Risk Management, Audit and Compliance Monitoring, Training and Awareness Programs, Data Retention and Disposal Policies, Cybersecurity Integration, Advanced Security Solutions Deployment, Legal and Regulatory Liaison, Crisis Preparedness and Response Planning, Performance Metrics and Risk Indicators.

Oct 2020 – Sep 2022 · 1 yr 11 mos

• Consulted on GDPR interpretation and implementation, aligning legal provisions with practical compliance models across digital and regulated environments. Executed privacy readiness audits, identifying non-conformities, operational risks, and implementing audit-proof compliance protocols. Operationalized lawful basis models, ensuring data collection and processing aligned with GDPR Article 6(1), emphasizing informed and granular consent. Instituted data minimization and retention policies, embedding necessity, proportionality, and time-bound storage practices per GDPR Article 5. Collaborated with legal stakeholders to craft enterprise-ready privacy strategies that balanced operational agility with regulatory defensibility. Contributed to policy formulation and enforcement, standardizing organizational approaches to data protection, and user trust.

Oct 2012 – Jun 2020 · 7 yrs 8 mos · Bhubaneswar, Odisha, India · On-site

Sep 2011 – Oct 2024 · 13 yrs 1 mo · Bhubaneswar, Odisha, India

• lectures on DATA COMMUNICATION AND NETWORKING , ECOMMERECE , APPLICATION SECURITY , DESKTOP SECURITY ,NETWORK SECURITY ,INFORMATION SECURITY , DATA PRIVACY , DATA PROTECTION

Jul 2008 – Sep 2012 · 4 yrs 2 mos · Bhubaneswar, Odisha, India · On-site

Feb 2004 – Jun 2008 · 4 yrs 4 mos · Bhubaneswar, Odisha, India · On-site